From 069cde81fbc480835d0a37637460995cdbab1e1e Mon Sep 17 00:00:00 2001 From: Liyun Huang Date: Fri, 8 Nov 2024 08:35:05 -0500 Subject: [PATCH] Added controlled-vault feature to backupdr-backupvault (#12239) --- mmv1/products/backupdr/BackupVault.yaml | 13 +++++++++++++ .../examples/backup_dr_backup_vault_full.tf.tmpl | 1 + .../resource_backup_dr_backup_vault_test.go.tmpl | 6 ++++-- 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/mmv1/products/backupdr/BackupVault.yaml b/mmv1/products/backupdr/BackupVault.yaml index ff9d3d876290..f5a61e8cedc9 100644 --- a/mmv1/products/backupdr/BackupVault.yaml +++ b/mmv1/products/backupdr/BackupVault.yaml @@ -198,3 +198,16 @@ properties: description: "Optional. User annotations. See https://google.aip.dev/128#annotations\nStores small amounts of arbitrary data. " min_version: 'beta' + - name: 'accessRestriction' + type: Enum + description: | + Access restriction for the backup vault. Default value is `WITHIN_ORGANIZATION` if not provided during creation. + min_version: 'beta' + immutable: true + default_value: "WITHIN_ORGANIZATION" + enum_values: + - 'ACCESS_RESTRICTION_UNSPECIFIED' + - 'WITHIN_PROJECT' + - 'WITHIN_ORGANIZATION' + - 'UNRESTRICTED' + - 'WITHIN_ORG_BUT_UNRESTRICTED_FOR_BA' diff --git a/mmv1/templates/terraform/examples/backup_dr_backup_vault_full.tf.tmpl b/mmv1/templates/terraform/examples/backup_dr_backup_vault_full.tf.tmpl index df66d96f3005..d26aae4b3177 100644 --- a/mmv1/templates/terraform/examples/backup_dr_backup_vault_full.tf.tmpl +++ b/mmv1/templates/terraform/examples/backup_dr_backup_vault_full.tf.tmpl @@ -13,6 +13,7 @@ resource "google_backup_dr_backup_vault" "{{$.PrimaryResourceId}}" { annotations2 = "baz1" } force_update = "true" + access_restriction = "WITHIN_ORGANIZATION" ignore_inactive_datasources = "true" ignore_backup_plan_references = "true" allow_missing = "true" diff --git a/mmv1/third_party/terraform/services/backupdr/resource_backup_dr_backup_vault_test.go.tmpl b/mmv1/third_party/terraform/services/backupdr/resource_backup_dr_backup_vault_test.go.tmpl index 9e3973db22f5..53d7f084cbf8 100644 --- a/mmv1/third_party/terraform/services/backupdr/resource_backup_dr_backup_vault_test.go.tmpl +++ b/mmv1/third_party/terraform/services/backupdr/resource_backup_dr_backup_vault_test.go.tmpl @@ -32,7 +32,7 @@ func TestAccBackupDRBackupVault_fullUpdate(t *testing.T) { ResourceName: "google_backup_dr_backup_vault.backup-vault-test", ImportState: true, ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"allow_missing", "annotations", "backup_vault_id", "force_delete", "force_update", "ignore_backup_plan_references", "ignore_inactive_datasources", "labels", "location", "terraform_labels"}, + ImportStateVerifyIgnore: []string{"allow_missing", "annotations", "backup_vault_id", "force_delete", "force_update", "ignore_backup_plan_references", "ignore_inactive_datasources", "access_restriction", "labels", "location", "terraform_labels"}, }, { Config: testAccBackupDRBackupVault_fullUpdate(context), @@ -41,7 +41,7 @@ func TestAccBackupDRBackupVault_fullUpdate(t *testing.T) { ResourceName: "google_backup_dr_backup_vault.backup-vault-test", ImportState: true, ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"allow_missing", "annotations", "backup_vault_id", "force_delete", "force_update", "ignore_backup_plan_references", "ignore_inactive_datasources", "labels", "location", "terraform_labels"}, + ImportStateVerifyIgnore: []string{"allow_missing", "annotations", "backup_vault_id", "force_delete", "force_update", "ignore_backup_plan_references", "ignore_inactive_datasources", "access_restriction", "labels", "location", "terraform_labels"}, }, }, }) @@ -66,6 +66,7 @@ resource "google_backup_dr_backup_vault" "backup-vault-test" { } force_update = "true" ignore_inactive_datasources = "true" + access_restriction = "WITHIN_ORGANIZATION" ignore_backup_plan_references = "true" allow_missing = "true" } @@ -90,6 +91,7 @@ resource "google_backup_dr_backup_vault" "backup-vault-test" { annotations2 = "baz1" } force_update = "true" + access_restriction = "WITHIN_ORGANIZATION" ignore_inactive_datasources = "true" ignore_backup_plan_references = "true" allow_missing = "true"